package com.baizhi.config;

import com.baizhi.realm.AuthenRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

/**
 * shiro配置类
 */
//@Configuration
public class ShiroConfig {


    /**
     * 创建过滤工厂
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){

        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();

        /**
         * 设置过滤规则
         * anon 匿名可以访问
         * authc 认证可访问
         */
        Map map = new HashMap();
        map.put("/login.jsp","anon");
        map.put("/admin/*","anon");
        map.put("/jsp/*","authc");
        map.put("/main.jsp","authc");
        map.put("/guru/*","authc");

        factoryBean.setFilterChainDefinitionMap(map);

        //设置安全管理器
        factoryBean.setSecurityManager(securityManager);

        return factoryBean;
    }

    /**
     * 创建安全管理器
     * @bean加在方法上，方法的形参对应的形式在工厂中有，则会自动装配
     */
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(AuthenRealm realm){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();

        //设置自定义的Realm
        defaultWebSecurityManager.setRealm(realm);

        return defaultWebSecurityManager;
    }

    /**
     * 创建自定义的Realm
     */
    @Bean
    public AuthenRealm authenRealm(){
        return  new AuthenRealm();
    }




}
